Logo Samba

The Samba team discovered a critical vulnerablity in the access control of Samba/AD domain controllers. Any authenticated user can change other users’ passwords over LDAP including the passwords of the administrators.

We strongly advise to install the updated Samba packages for all UCS versions currently supported (from UCS 4.1-5 and UCS 4.2-3) which we have distributed today via the usual errata update channels.

The new UCS 4.3-0 whose release is scheduled for March 14, will also be shipped with a Samba version that is patched against this issue.

More information on the security updates can be found in our forum.

Maren Abatielos joined Univention in 2012. Since then she has been engaged in content and social media marketing for UCS and Open Source in general.

What's your opinion? Leave a comment!

Your email address will not be published. Required fields are marked *